override default credentials cache file location
Zaar Hai
haizaar at gmail.com
Thu Oct 14 06:26:38 EDT 2010
Good day, dear all!
I'm using MIT kerberos version 1.6 on Debian Lenny amd64. I would like
to override default location of credentials cache file. Here is the
reasoning and may be someone would have a better solution:
Credentials cache are stored in /tmp by default. /tmp is mounted on
real disk and that's not going to change. The problem is that if, for
example, I run kinit in the evening and go home, then someone who
breaks to office at night, can reboot my computer from CD and access
my credentials cache gaining the access to all of the network services
I'm eligible to access.
I've thought of making default cache location to be
/var/cars/krb5ccache which will be mounted to RAM, making above
scenario much harder to execute.
Thanks.
--
Zaar
More information about the Kerberos
mailing list